EP1276062A1 - Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience - Google Patents
Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience
- Publication number
- EP1276062A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- data
- key
- user
- information source
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
Definitions
- This invention relates to a method of providing user-specific data to an information source, to a data carrier and to a method of personalising a user's Internet experience.
- The invention relates to methods and apparatus for use in profiling (i.e. tailoring) on-line services such as the provision of web content, in accordance with data that is peculiar to the user concerned.
- Such methods and apparatus are known in themselves and commonly employ cookies and the like to inform information sources such as web servers of a range of user-specific data, so that the service supplied to the user may be tailored in accordance with that user's personal preferences.
- Systems and devices are used in this area to personalise web pages so that, for example, advertisers may target users with on-line advertisements which are likely to be of interest to the user concerned.
- Automated personalisation of this type can be beneficial from the user's perspective, in that repeated on-line form filling, otherwise required to inform a service provider of the user's particular interests, is avoided.
- A method of providing user-specific data to an information source to enable the information to be obtained in accordance with the user-specific data, the data being conveyed in encrypted form and wherein the data key used to provide the information source with unencrypted data is obtained using a broker.
- Access to the data key may be restricted in accordance, for example, with user commands and/or preferences.
- The encrypted data is conveyed using the broker.
- The broker forwards the data to the information source without disclosing the origin of the data.
- The broker (which may be a proxy server, for example) may record the origin of the data, mark the data in a corresponding manner (the mark may comprise a digital code), and forward the thus-marked data to the information source.
- The broker, upon receipt of the information from the information source, may identify the intended recipient of the information and return it to the user, as appropriate.
- The data key may be symmetric and may be deposited with the broker in encrypted form. Preferably, the data key is generated randomly.
- The data key may be encrypted using a private exchange key, and the data key may be decrypted using a public exchange key, conveyed with the data.
- The information may be encrypted prior to being returned to a user.
- The information preferably is encrypted using a symmetric information key.
- The information key preferably is randomly generated.
- The information key may be encrypted using the or an additional public exchange key, and may be decrypted using the or an additional private exchange key.
- The encrypted data and the public exchange key may be conveyed in or using a carrier.
- The carrier preferably is a software agent, and conveniently may interact with the information source to divulge user-specific data in response to queries from or on behalf of the information source.
- The interaction (which may be effected using an Application Program Interface) enables user-specific information to be provided upon request, but does not allow free, unregulated access to all the user-specific data.
- The arrangement allows the information source to elicit information peculiar to its requirements, thus enabling the information obtained from the source to be tailored in accordance with certain facets of the user-specific data, without disclosing excess or inappropriate data to the information source.
- The data may comprise a plurality of data sets, wherein each set can only be decrypted with a set-specific data key.
- The broker transmits the data key to the agent in response to a request from the agent, the request including a source identifier whereby the identity of the information source may be established.
- The broker logs or otherwise records each such request.
- This logging step provides a still further layer of security, as the user may review the request logs on demand, whereby an indication may be obtained of which entities (i.e. which information sources) have accessed the user-specific data using the data key.
- The broker logs or records the requests in accordance with each thus-identified information source: in this way, the number of requests dispatched by or on behalf of a particular information source may be monitored.
- The broker is authorised to transmit the data key for a limited period only, after which key requests will not be complied with.
- A data key may be rendered inoperative subsequent to the unencrypted data being divulged.
- The data key may be rendered inoperative by the agent, by destroying, overwriting or otherwise corrupting the data key.
- The agent is operative to carry out an integrity check prior to being conveyed to the broker.
- The integrity check may comprise generating an agent digest and comparing the digest with a trusted control digest, which control digest may be held by a certification authority.
- The digest may be passed to the certification authority in encrypted form, and preferably is encrypted using a private integrity key.
- The digest may be decrypted by the certification authority using a public integrity key.
- A method of providing user-specific data to an information source to enable the information to be obtained in accordance with the user-specific data, the data being conveyed in encrypted form and wherein the data key used to provide the information source with unencrypted data is released by a key source only when the key source is appropriately authorised to do so.
- The key source may be operative to release the data key in response to predetermined request criteria such as the location/identity of the requestor, the time at which the request is made and/or the number of previous occasions upon which a requestor has made the same or a similar request.
- A data carrier for use in providing encrypted user-specific data to an information source to enable the information to be obtained in accordance with the user-specific data.
- The carrier comprises a module operative, in response to queries dispatched by or on behalf of the information source, to divulge unencrypted user-specific data to or for use by the information source.
- The carrier is a software agent, with the module conveniently being provided by an Application Program Interface.
- The module may be operative to obtain, from a third party, a data key, whereby the unencrypted data may be divulged to the information source.
- The data carrier may be as described in one or more of the preceding paragraphs.
- A method of providing user-specific data to an information source to enable the information to be obtained in accordance with the user-specific data, the data being conveyed in encrypted form in or using a carrier, the carrier comprising a module which, in response to queries dispatched by or on behalf of the information source, divulges unencrypted user-specific data to or for use by the information source.
- The invention, in its fourth aspect, may comprise one or more features described in relation to the first three aspects of the present invention.
- A method of personalising a user's Internet experience comprising conveying, with or in conjunction with a web page request, a carrier comprising user-specific data in encrypted form, the carrier comprising a module operative, in response to queries dispatched by or on behalf of the web page content provider, to divulge unencrypted user-specific data whereby the page returned may be tailored in accordance with the user-specific data.
- The carrier is conveyed via a broker, the broker being operative to forward the carrier to an appropriate web server without disclosing, to the server, the origin of the data.
- The carrier is a software agent, with the module being provided by an Application Program Interface.
- The invention, in its fifth aspect, may comprise one or more of the features described in relation to the first four aspects.
- A method of providing user-specific data to an information source to enable the information to be obtained in accordance with the user-specific data, the data being conveyed in encrypted form, the data key used to provide the information source with unencrypted data being obtained using a broker and wherein the data key is conveyed using a carrier in the form of a software agent.
- Use of the present invention relies upon a software agent 10 written using a mobile code such as Java which, at least initially, is provided on a user's workstation 11 or on a non-volatile data storage medium (not shown) readable by the workstation 11.
- User-specific data is transferred to the agent, with the transfer encompassing a symmetric encryption step using a randomly generated data key 12.
- This key is generated, in generally conventional manner, using a triple DES or AES (Advanced Encryption Standard) cryptography method, with the key length (56, 128 or even 256 bits) being selected to ensure a high degree of data confidentiality.
- The amount - and type - of data (which is shown in encrypted form at 13) that is transferred to the agent 10 will depend upon the type of service/information that the user wishes to access.
- The data transferred to the agent 10 may include details of the user's qualifications, age, experience, current salary and salary expectations.
- The data may include details of the user's preferred sports and the format and frequency with which the user wishes to be notified of certain events or occurrences.
- "Excess" data may be transferred to the agent, in that some of the data transferred may not in fact be used by the target service. This, however, does not cause any privacy problems, as the agent is configured to release data to a target service only in response to certain queries.
- The data includes a pointer (such as a redirect command) that causes any data flow between the user and a target service (information source) 14 to be channelled through a broker 15.
- The broker 15, which may be provided by a proxy web server, thus constitutes an electronic "stepping stone" and acts to receive and forward data from and to the user's workstation and the information source 14.
- The agent carries out an integrity check by generating, using the agent code, an agent code digest, using an appropriate digest algorithm.
- The digest 16 is then encrypted with a user private key 17, and the encrypted digest 18 is then sent to a trusted certification authority 19 for verification.
- The certification authority which, in generally conventional manner, has previously been provided with a copy of the user's public key 20, decrypts the encrypted digest 18 and compares the unencrypted digest 16 with a control digest 21 located in an appropriate data store under the control of the certification authority. This, as will be appreciated, has two effects. The first is that successful decryption of the encrypted digest 18 confirms the origin of the encrypted digest 18, as the user's private key 17 was used to effect the encryption.
- Had any other private key been used, the certification authority would not be able to decrypt the encrypted digest using the user's public key 20.
- Comparison of the decrypted digest with the control digest enables the certification authority to confirm that the agent code has not been tampered with, altered or otherwise corrupted in any way.
- The agent 10, which also carries an exchange public key 22 in a key store 23, is sent from the workstation 11 towards the information source 14, via the broker 15.
- The broker 15, in forwarding the agent towards the information source 14, is operative to hide or disguise the origin of the agent 10, so that even in the event that the user-specific data passes to an unauthorised entity, the data cannot be tied to the individual, network or workstation from which it originated.
- The broker 15 is also supplied, by the workstation 11, with an encrypted form of the data key 12.
- The data key 12 is encrypted using an exchange private key 24, obtained from a user's key store 25.
- The encrypted data key 26 is then held by the broker 15 until the broker receives a key request from the agent 10, as described in more detail hereafter.
- When the information source receives the agent, the agent is loaded and activated, which then allows the agent to release certain parts of the user-specific data in response to queries generated by the information source 14.
- The information source queries the agent 10 by asking specific questions that can be answered using the user-specific data.
- The agent asks the broker 15 to supply it with the encrypted data key 26, to enable a relevant part of the user-specific data to be accessed.
- The encrypted data key 26, encrypted using the exchange private key 24, is decrypted using the exchange public key 22 contained within the agent's key store 23.
- Using the thus-decrypted data key 12, user-specific data relating to the particular query can be unlocked from the encrypted data store 28, and is passed to the information source via the broker 15. Subsequently, the agent renders the data key inoperative, such as by destroying, overwriting or otherwise corrupting the key, to ensure that the key does not remain available in unencrypted form for any longer than is absolutely necessary.
- The broker 15 logs each occasion on which the encrypted data key 26 is requested by the agent, and records the nature of the unencrypted data that is passed from the agent to the information source 14.
- A user can check what types of user-specific data are being accessed by a given information source, which can be used to verify that the user-specific data is contained securely within the agent 10.
- If, for example, a sports news service has obtained, from the agent 10, user-specific data concerning a user's income, dietary habits or marital status, this may indicate that the data key 12 is no longer safely encrypted and that a security breach has occurred.
- The information source 14 supplies the agent 10 with an information payload 28 encrypted using a randomly generated DES payload key 29, with the encrypted information 28 being stored within a payload container 30 provided in the agent 10.
- A copy of the payload key is also passed to the agent.
- The agent 10 encrypts the payload key 29 and the agent 10 - with its loaded payload container 30 - is then returned to the user via the broker 15.
- The encrypted payload key 31 is decrypted, with the thus-decrypted payload key 29 then being used by the workstation 11 to decrypt the information payload 28.
- The invention allows user-specific data to be used to tailor information received from an information source in a highly secure manner.
- This is achieved by the use of the broker 15, which removes or disguises the origin of the agent supplied by the workstation 11 over (for example) an Internet platform.
- Whilst the broker 15 receives limited parts of the user-specific data from the agent, and forwards these to the information source 14, the broker does not have unrestricted access to the unencrypted user-specific data, as the broker does not have an unencrypted form of the data key 12.
- Whilst the broker can receive an encrypted information payload from the agent, and forward this to the workstation 11, the broker does not have unrestricted access to the information source 14, and cannot decrypt the encrypted information payload 28 as it does not itself have access to the exchange private key 24.
- The target service (information source) 14 has no direct access to any of the user-specific data, as it too has no access to the data key 12, and is only able to obtain the encrypted data key 26 from the broker 15 when the broker is appropriately authorised to release it.
- The data log maintained by the broker 15 can be used to inform a user when and by whom (or by what) the user's data has been accessed. Should this reveal that a particular information source appears to be using the agent 10 inappropriately (by asking questions that do not relate to the core activities of the information source), access to the encrypted data key 26 may be refused by the broker 15, if so instructed by the user.
- The invention provides, in particular, a highly secure and efficient method by which a user's Internet (e.g. web browsing) experience may be personalised, in that a requested web page can be tailored in accordance with the user's particular interests or preferences, without the user having to disclose unencrypted personal data as has hitherto often been required.
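The broker-mediated key release, the query-scoped disclosure, the request log and the encrypted payload return described in the preceding paragraphs, run end to end as an added example that is not the patent's code. Everything concrete in it is a constructed stand-in: a textbook RSA pair with a tiny modulus plays the exchange key pair (private exponent D at the workstation, public exponent E carried by the agent), an HMAC-SHA256 counter keystream plays the symmetric cipher where the patent names triple DES, AES or DES, and the source identifiers, user data and policy limits are invented. The `Broker`, `Agent` and `suspicious_disclosures` names are the example's own. The run shows the four outcomes the text discusses: an authorised in-scope query succeeds, an unlisted source gets no key, a release cap is enforced, and the user's review of the log flags a sports service that asked about income.

```python
# Added example, not the patent's code: a toy run of the broker-mediated key
# release and payload return described in EP1276062A1. Stand-ins, all
# constructed: textbook RSA with a tiny modulus as the exchange key pair and an
# HMAC-SHA256 keystream as the symmetric cipher. Source identifiers are invented.
import hashlib
import hmac
import secrets
import time

N, E, D = 3233, 17, 2753  # toy exchange key pair: p = 61, q = 53 (not secure)


def rsa_wrap(data: bytes, exp: int) -> list[int]:
    """Apply the exponent to each byte (toy RSA, no padding)."""
    return [pow(b, exp, N) for b in data]


def rsa_unwrap(blocks: list[int], exp: int) -> bytes:
    return bytes(pow(c, exp, N) for c in blocks)


def sym(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher: XOR with an HMAC-SHA256 counter keystream (stand-in for AES/3DES)."""
    stream = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


class Broker:
    """Holds the wrapped data key; releases it under the user's policy and logs every request."""

    def __init__(self, wrapped_key, allowed_sources, valid_seconds, max_grants):
        self.wrapped_key = wrapped_key
        self.allowed = set(allowed_sources)
        self.expires = time.time() + valid_seconds   # key released for a limited period only
        self.max_grants = max_grants                 # cap on grants per identified source
        self.log = []                                # one entry per key request

    def request_key(self, source_id, now=None):
        now = time.time() if now is None else now
        prior = sum(1 for e in self.log if e["source"] == source_id and e["granted"])
        granted = source_id in self.allowed and now <= self.expires and prior < self.max_grants
        self.log.append({"source": source_id, "time": now, "granted": granted, "field": None})
        return self.wrapped_key if granted else None

    def record_disclosure(self, field):
        """The broker also records the nature of the data that passed to the source."""
        self.log[-1]["field"] = field


class Agent:
    """Carries the encrypted data sets and the public exchange key; answers one query at a time."""

    def __init__(self, encrypted_sets, public_exp):
        self.sets = encrypted_sets
        self.public_exp = public_exp

    def answer(self, broker, source_id, field):
        wrapped = broker.request_key(source_id)
        if wrapped is None or field not in self.sets:
            return None
        key = bytearray(rsa_unwrap(wrapped, self.public_exp))  # decrypt with the public exchange key
        value = sym(bytes(key), self.sets[field])               # unlock only the queried data set
        for i in range(len(key)):                               # render the key inoperative
            key[i] = 0                                          # (best effort; Python may keep copies)
        broker.record_disclosure(field)
        return value.decode()


def suspicious_disclosures(log, expected):
    """User-side review of the broker log: fields released that a source has no business asking for."""
    return [(e["source"], e["field"]) for e in log
            if e["granted"] and e["field"] is not None
            and e["field"] not in expected.get(e["source"], set())]


def return_payload(payload: bytes) -> bytes:
    """Source encrypts the payload under a random payload key; the agent wraps that key with the
    public exchange key; only the workstation, holding D, can unwrap it and read the payload."""
    payload_key = secrets.token_bytes(16)
    container = sym(payload_key, payload)
    wrapped_key = rsa_wrap(payload_key, E)               # agent side, travels back via the broker
    return sym(rsa_unwrap(wrapped_key, D), container)    # workstation side


def run_protocol():
    data_key = secrets.token_bytes(16)
    plain = {"sports": b"football, cycling", "income": b"52000 EUR"}  # constructed user data
    agent = Agent({k: sym(data_key, v) for k, v in plain.items()}, E)
    broker = Broker(rsa_wrap(data_key, D), ["sportsnews.example"], 3600, 2)
    a1 = agent.answer(broker, "sportsnews.example", "sports")   # authorised, in scope
    a2 = agent.answer(broker, "adnetwork.example", "sports")    # source not authorised
    a3 = agent.answer(broker, "sportsnews.example", "income")   # granted, but out of scope
    a4 = agent.answer(broker, "sportsnews.example", "sports")   # third grant exceeds max_grants
    flagged = suspicious_disclosures(broker.log, {"sportsnews.example": {"sports"}})
    page = return_payload(b"<html>tailored page</html>")
    return a1, a2, a3, a4, flagged, page


if __name__ == "__main__":
    print(run_protocol())
```

Two design points worth noticing. The broker never sees the data key in clear, only its RSA-wrapped form, so the log it keeps is about requests and disclosed field names, not contents. And with a single data key for all sets, the promise that only the queried set is unlocked rests entirely on the agent code behaving as written, which is exactly why the patent pairs this scheme with the agent integrity check.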
Landscapes
- Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Development Economics (AREA)
- Finance (AREA)
- Economics (AREA)
- Game Theory and Decision Science (AREA)
- Entrepreneurship & Innovation (AREA)
- Marketing (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP01410087A EP1276062A1 (fr) | 2001-07-12 | 2001-07-12 | Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience |
US10/194,974 US20030012384A1 (en) | 2001-07-12 | 2002-07-12 | Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP01410087A EP1276062A1 (fr) | 2001-07-12 | 2001-07-12 | Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1276062A1 true EP1276062A1 (fr) | 2003-01-15 |
Family
ID=8183104
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP01410087A Withdrawn EP1276062A1 (fr) | 2001-07-12 | 2001-07-12 | Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience |
Country Status (2)
Country | Link |
---|---|
US (1) | US20030012384A1 (fr) |
EP (1) | EP1276062A1 (fr) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8842175B2 (en) | 2004-03-26 | 2014-09-23 | Broadcom Corporation | Anticipatory video signal reception and processing |
US8656506B2 (en) * | 2007-06-28 | 2014-02-18 | Microsoft Corporation | Rights enforcement of unencrypted content |
Family Cites Families (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4500750A (en) * | 1981-12-30 | 1985-02-19 | International Business Machines Corporation | Cryptographic application for interbank verification |
US5748735A (en) * | 1994-07-18 | 1998-05-05 | Bell Atlantic Network Services, Inc. | Securing E-mail communications and encrypted file storage using yaksha split private key asymmetric cryptography |
WO1996010787A1 (fr) * | 1994-10-04 | 1996-04-11 | Banctec, Inc. | Object-oriented computing environment and associated method |
US5812666A (en) * | 1995-03-31 | 1998-09-22 | Pitney Bowes Inc. | Cryptographic key management and validation system |
EP0876722B1 (fr) * | 1996-01-12 | 2002-04-03 | International Business Machines Corporation | Secure and anonymous exchange of information in a network |
US6076078A (en) * | 1996-02-14 | 2000-06-13 | Carnegie Mellon University | Anonymous certified delivery |
US5903729A (en) * | 1996-09-23 | 1999-05-11 | Motorola, Inc. | Method, system, and article of manufacture for navigating to a resource in an electronic network |
GB2318486B (en) * | 1996-10-16 | 2001-03-28 | Ibm | Data communications system |
US6002946A (en) * | 1997-04-14 | 1999-12-14 | Motorola, Inc. | Handheld device having an optical data reader |
US6266704B1 (en) * | 1997-05-30 | 2001-07-24 | The United States Of America As Represented By The Secretary Of The Navy | Onion routing network for securely moving data through communication networks |
US6574661B1 (en) * | 1997-09-26 | 2003-06-03 | Mci Communications Corporation | Integrated proxy interface for web based telecommunication toll-free network management using a network manager for downloading a call routing tree to client |
US6108644A (en) * | 1998-02-19 | 2000-08-22 | At&T Corp. | System and method for electronic transactions |
US6112992A (en) * | 1998-06-17 | 2000-09-05 | Motorola, Inc. | Optical code reader and methods and articles therefor |
US6126075A (en) * | 1998-06-04 | 2000-10-03 | Motorola, Inc. | Optical code reader including circuitry for processing the read symbology |
US6260760B1 (en) * | 1998-06-17 | 2001-07-17 | Motorola, Inc. | Optical code reader including circuitry for processing the symbology |
US6643684B1 (en) * | 1998-10-08 | 2003-11-04 | International Business Machines Corporation | Sender- specified delivery customization |
US6430688B1 (en) * | 1998-12-22 | 2002-08-06 | International Business Machines Corporation | Architecture for web-based on-line-off-line digital certificate authority |
US6496931B1 (en) * | 1998-12-31 | 2002-12-17 | Lucent Technologies Inc. | Anonymous web site user information communication method |
US6418325B1 (en) * | 1999-07-12 | 2002-07-09 | Motorola, Inc. | Handheld device having an optical data reader |
- 2001
  - 2001-07-12 EP EP01410087A patent/EP1276062A1/fr not_active Withdrawn
- 2002
  - 2002-07-12 US US10/194,974 patent/US20030012384A1/en not_active Abandoned
Non-Patent Citations (1)
Title |
---|
No Search * |
Also Published As
Publication number | Publication date |
---|---|
US20030012384A1 (en) | 2003-01-16 |
Similar Documents
Publication | Title |
---|---|
US9400891B2 (en) | Owner controlled transmitted file protection and access control system and method |
US9134935B2 (en) | Methods and apparatus for secure document printing |
CN1665184B (zh) | Using flexible rights templates to obtain signed rights labels for digital content |
EP1515215B1 (fr) | Method and device for the secure transfer and management of access rights to digital content by means of content indexing |
US9286484B2 (en) | Method and system for providing document retention using cryptography |
US6385728B1 (en) | System, method, and program for providing will-call certificates for guaranteeing authorization for a printer to retrieve a file directly from a file server upon request from a client in a network computer system environment |
US6189101B1 (en) | Secure network architecture method and apparatus |
JP5383830B2 (ja) | Method for protecting user privacy |
US7725716B2 (en) | Methods and systems for encrypting, transmitting, and storing electronic information and files |
US20020077985A1 (en) | Controlling and managing digital assets |
US20030051172A1 (en) | Method and system for protecting digital objects distributed over a network |
WO2000075754A2 (fr) | Access control in a web environment |
US20020032873A1 (en) | Method and system for protecting objects distributed over a network |
US7359518B2 (en) | Distribution of secured information |
US11962684B2 (en) | System and method for registering a user |
US20040059945A1 (en) | Method and system for internet data encryption and decryption |
US20090228710A1 (en) | System and method for presentation integrity |
EP1276062A1 (fr) | Method of providing user-specific data to an information source, a data carrier and a method of personalising a user's Internet experience |
US8006307B1 (en) | Method and apparatus for distributing secure digital content that can be indexed by third party search engines |
KR100871619B1 (ko) | Apparatus and method for receiving content rights via a multimedia message in a mobile communication terminal |
KR20180136267A (ko) | Method for protecting personal information using homomorphic encryption |
CN112187777A (zh) | Smart traffic sensing data encryption method, apparatus, computer device and storage medium |
Hsiao et al. | Secure information caching on the Web |
Kennedy et al. | Key recovery functional model |
JPH1039753A (ja) | Method for affixing a definite date to electronic information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
| AX | Request for extension of the european patent | Free format text: AL;LT;LV;MK;RO;SI |
| 17P | Request for examination filed | Effective date: 20030711 |
| AKX | Designation fees paid | Designated state(s): DE FR GB |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
| 18D | Application deemed to be withdrawn | Effective date: 20061024 |